Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows
By
11:27 AM
Threat actors are abusing misconfigured Argo Workflows instances to deploy cryptocurrency miners on Kubernetes (K8s) clusters.
Kubernetes is an open-source system that helps to automate the deployment, scaling, and management of containerized workloads, services, and apps over clusters of hosts.
Argo Workflows is the most popular workflow execution engine for Kubernetes, designed to orchestrate parallel jobs for speeding up machine learning or data processing computing-intensive jobs on Kubernetes clusters.
New attack vector already used in the wild
"Attackers are already taking advantage of this vector as we detected operators dropping cryptominers using this method in the wild," Intezer security researchers Ryan Robinson and Nicole Fishbein revealed in a report published earlier this week.